issues
search
sherlock-audit
/
2023-01-uxd-judging
3
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
chainNue - `setRedeemable` can break protocol and might have a major migration issue
#396
github-actions[bot]
closed
1 year ago
0
ak1 - UXDController.sol : The contract is not calling the `mintWithEth` when ETH directly sent.
#395
github-actions[bot]
closed
1 year ago
5
GimelSec - The soft cap in `RageDnDepository` can be bypassed
#394
github-actions[bot]
closed
1 year ago
1
R2 - Absence of slippage leads to funds loss in case of sandwich attack
#393
github-actions[bot]
closed
1 year ago
0
GimelSec - The calculation of `feeAmount ` is incorrect in `Perp._placePerpOrder`
#392
github-actions[bot]
closed
1 year ago
0
ak1 - PerpDepository.sol : transfer's return value is not validated
#391
github-actions[bot]
closed
1 year ago
0
GimelSec - `PerpDepositor.withdrawInsurance` should call vault.getFreeCollateral first
#390
github-actions[bot]
closed
1 year ago
3
GimelSec - `UXDControllerStorage.sol` should have gap storage slots
#389
github-actions[bot]
closed
1 year ago
0
HonorLt - Redeem depository search does not account for amount
#388
github-actions[bot]
closed
1 year ago
0
R2 - The protocol doesn't support tokens with fee and tokens without reverting on bad ``transfer()/approval()``
#387
github-actions[bot]
closed
1 year ago
0
R2 - Uncertainty while choosing depository
#386
github-actions[bot]
closed
1 year ago
0
HonorLt - Redeem only whitelisted assets
#385
github-actions[bot]
closed
1 year ago
2
Jeiwan - `UXDGovernor` and `UXDTimelockController` don't support non-standard ERC20 implementations
#384
github-actions[bot]
closed
1 year ago
0
Deivitto - Losses in `UXDController` and `PerpDepository` can be generated if used with ERC20 Tokens with fee on transfer
#383
github-actions[bot]
closed
1 year ago
0
dipp - Anyone may swap any user's quote tokens for base tokens if that user has approved ```PerpDepository.sol``` to spend quote tokens
#382
github-actions[bot]
closed
1 year ago
0
Jeiwan - `Uniswapper` cannot be used in rebalancing due to missed approval
#381
github-actions[bot]
closed
1 year ago
0
Jeiwan - Using `block.timestamp` as deadline exposes users to sandwich attacks
#380
github-actions[bot]
closed
1 year ago
3
Jeiwan - Wrong `PerpVETHMarket` address on Optimism
#379
github-actions[bot]
closed
1 year ago
0
R2 - Token can't be redeemed if it was deleted from whitelist
#378
github-actions[bot]
closed
1 year ago
0
Jeiwan - Wrong fee calculation when opening a short position on Perpetual Protocol
#377
github-actions[bot]
closed
1 year ago
0
ak1 - unsafe `approve` approach in `UXDGovernor.sol and UXDTimelockController.sol`
#376
github-actions[bot]
closed
1 year ago
2
Jeiwan - Loss of funds during redeeming due to decimals rounding
#375
github-actions[bot]
closed
1 year ago
2
R2 - Function ``UXDController.setRedeemable()`` call locks users funds
#374
github-actions[bot]
closed
1 year ago
0
HonorLt - Change of redeemable will break the system
#373
github-actions[bot]
closed
1 year ago
0
0x52 - PerpDepository#_rebalanceNegativePnlWithSwap fails to approve vault for quote deposit
#372
github-actions[bot]
opened
1 year ago
5
0x52 - PerpDepository#_rebalanceNegativePnlWithSwap will not work because it never approves spotSwapper to transfer baseAsset
#371
github-actions[bot]
closed
1 year ago
0
dipp - A malicious user can rebalance using any user that has approved the contract to spend quote tokens
#370
github-actions[bot]
closed
1 year ago
0
zaevlad - Gas grieffing at (bool success, )
#369
github-actions[bot]
closed
1 year ago
0
zaevlad - No return check in an asset transferFrom() function
#368
github-actions[bot]
closed
1 year ago
0
ak1 - Lack of storage gaps for upgradable contracts
#367
github-actions[bot]
closed
1 year ago
0
zaevlad - Low issues and gas saving
#366
github-actions[bot]
closed
1 year ago
0
zaevlad - Gas grieffing an functions with loops
#365
github-actions[bot]
closed
1 year ago
0
kaysoft - Setting the slippage to Zero in the `_openLong` and `_openShort` functions will open the transaction to front running and Sandwich attack
#364
github-actions[bot]
closed
1 year ago
0
kaysoft - Hardcoded `deadline` for the `openPosition` params in the _placePerpOrder function
#363
github-actions[bot]
closed
1 year ago
0
dipp - Admin can deposit user's tokens as insurance in ```PerpDepository.sol```
#362
github-actions[bot]
closed
1 year ago
0
serial-coder - [M-04] Unwhitelisting Collateral Tokens Affect PERP Positions
#361
github-actions[bot]
closed
1 year ago
0
serial-coder - [M-03] Potential Lock Of Ethers
#360
github-actions[bot]
closed
1 year ago
0
serial-coder - [M-02] Unsafe Token Transfers
#359
github-actions[bot]
closed
1 year ago
0
GimelSec - User/Gov's quoteToken allowance which is approved for `depositInsurance()` will be maliciously used on `rebalance()`
#358
github-actions[bot]
closed
1 year ago
0
GimelSec - Anyone can call `rebalance()` to get excess tokens when `shortFall < 0`, these excess tokens are not used in `rebalance()`
#357
github-actions[bot]
closed
1 year ago
0
GimelSec - `rebalance()` will always be reverted because it doesn't approve quoteToken for vault
#356
github-actions[bot]
closed
1 year ago
0
GimelSec - `rebalance()` will always be reverted because `_rebalanceNegativePnlWithSwap()` doesn't approve assetToken for spotSwapper
#355
github-actions[bot]
closed
1 year ago
0
serial-coder - [M-01] Loss Of UXD And UXP Tokens During Cross-Chain Bridging
#354
github-actions[bot]
closed
1 year ago
1
JohnnyTime - Gas Optimization: `polarity` param and if statements are not necessary in rebalancing functions
#353
github-actions[bot]
closed
1 year ago
0
GimelSec - `transfer()` and `approve()` may be reverted in some ERC20 tokens if the protocol forces check the return value
#352
github-actions[bot]
closed
1 year ago
0
GimelSec - Use safeTransfer/safeTransferFrom instead of transfer/transferFrom
#351
github-actions[bot]
closed
1 year ago
0
serial-coder - [H-02] Unexpected Behaviors Upon Changing Redeemable Token
#350
github-actions[bot]
closed
1 year ago
0
kaysoft - Centralization Risk for trusted owners in PerpDepository.sol
#349
github-actions[bot]
closed
1 year ago
0
serial-coder - [H-01] Stealing All Collateral Assets On Rage Trade
#348
github-actions[bot]
closed
1 year ago
4
berndartmueller - Incorrect position value calculation due to using mark (perp market price) instead of index (spot) price
#347
github-actions[bot]
closed
1 year ago
5
Previous
Next